Insecure Permissions in Ruckus Wireless Unleashed Devices Allows Credential Overwrite
CVE-2020-13915

7.5HIGH

Key Information:

Vendor: Ruckuswireless
Status: Unleashed Firmware
Vendor: CVE Published:; 28 July 2020

🔔 Create Ruckuswireless Vulnerability Alert

What is CVE-2020-13915?

Ruckus Wireless Unleashed devices have a vulnerability in the emfd/libemf component, allowing an unauthenticated remote attacker to exploit insecure permissions. By sending a crafted HTTP request, an attacker can overwrite administrative credentials, potentially gaining unauthorized control over affected devices. This vulnerability spans multiple models, making it critical for users of Ruckus Unleashed to review security measures to prevent exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://support.ruckuswireless.com/security_bulletins/304

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 28, 2020
Vulnerability Reserved
Jun 7, 2020

JSON

Ruckuswireless

What is CVE-2020-13915?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.